Cross site scripting

2014-10-3114:55:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335.

CPENameOperatorVersion
fortianalyzer_firmwarele5.0.6
fortimanagerle5.0.6

CPE	Name	Operator	Version
	fortianalyzer_firmware	le	5.0.6
	fortimanager	le	5.0.6

References

secunia.com/advisories/61309

www.fortiguard.com/advisory/FG-IR-14-033/

www.securityfocus.com/bid/70889

exchange.xforce.ibmcloud.com/vulnerabilities/98479